"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Note that this particular trojan only affects a few banks based out of Poland and hasn't yet spread beyond that. With that said, however, detecting or blocking attempts to use the javascript: pseudo protocol should act as an effective countermeasure for the more recent versions of this trojan. For the older versions, you can try disabling the copy/paste function in Windows, but this countermeasure would likely cause an unacceptable impact to productivity.

For now is to use other AV scanner or some sort of IOC finder using the hash etc but this known threat will sooner be detected by others. Disable of JS and enable application whitelisting to mitigate though it may not be fool-proof and can ne not user friendly.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.